Description | Command | |||||
---|---|---|---|---|---|---|
1 | Verify your environmental variables are set correctly from Part 3, steps 1 and 2 before continuing, if not you need to go back and re-do those steps before continuing Echo needs to output your FQDN The last line of .bashrc needs to read: export FQDN=<your FQDN here> |
| ||||
2 | Install a certificate (required for end-to-end TLS encryption for the Super Node network) certbot will be used to generate and validate your certificate
NOTE: Some VPS providers have apache2 enabled which locks down port 80. You will need to disable apache2 if you get a failure to bind to port 80 error when establishing your standalone certificate | Disable apache2 (if enabled, see note)
Execute the certbot command to obtain an SSL certificate for your FQDN
| ||||
3 | Modify group ownership and permissions on the /etc/letsencrypt directory to allow the non-root user for zend access to the certificate and private key (access is granted via the sudo group, which the non-root user has been added to) | Modify ownership
Modify permissions
| ||||
4 | Split the chain.pem file into individual intermediate certificates. | Copy and paste this entire block of text
| ||||
5 | Update the certificate store with the root CA copied in the previous step |
| ||||
6 | Add the certificate and key locations to zen.conf NOTE: only run these commands once | Certificate
Private key
| ||||
7 | Now stop and start zend to pick up the new configuration, certificate and private key |
| ||||
8 | Check that the certificate is installed and configured correctly
If the row displays false, verify the steps above have been completed successfully and refer to the troubleshooting guide |
|